TWI585612B - Managing use of a field programmable gate array with isolated components - Google Patents

Description

Manage the use of field programmable gate arrays with isolation components

The present invention relates to the use of a field programmable gate array having isolation elements.

In most general-purpose computers, the operating system is the primary software that manages access to resources within the computer. The primary resource is the central processing unit (CPU), main memory, and storage that execute the application designed to execute on the computer. In some computer architectures, additional processing units (such as multiple cores in a processor) and/or additional processors (referred to as coordination processors) may be present. Examples of such coordination processors include a graphics processing unit (GPU) and a digital signal processor (DSP). The operating system also manages access by multiple programs to these resources.

A Field Programmable Gate Array (FPGA) is a type of logic device commonly used in dedicated computing devices. FPGAs are typically used to perform specific, dedicated functions that are particularly suitable for this gate array. The FPGA is typically located in a peripheral device or other dedicated hardware such as a printed circuit board that is connected to and accessed via a system bus such as a PCI bus. In general, this The device was programmed once and used multiple times. Because such devices are programmable, they have the advantage of being able to be updated in the field compared to other dedicated logic devices.

This Summary is provided to introduce a selection of concepts in the <RTIgt; The summary is not intended to identify key features or essential features of the claimed subject matter, and is not intended to limit the scope of the claimed subject matter.

One or more field programmable gate arrays (FPGAs) can be used as shared programmable coordination processor resources in general purpose computing systems. FPGAs can be programmed to perform functions that in turn can be associated with one or more programs. In the case of multiple programs, the FPGA can be shared and the program can be allocated to at least a portion of the FPGA during the time gap in which the FPGA is accessed. A program written in a hardware description language for programming an FPGA is used as a hardware library. The operating system manages the following: configuring FPGA resources into programs, programming the FPGAs according to the functions to be performed by the program using the FPGA, and scheduling the use of the FPGAs by the programs.

If an FPGA is used as a component of a general purpose computing platform, it may be vulnerable to attack and execution by unsafe code. For example, inspections of data transfers and memory may expose keys, algorithms, and other information related to security operations. To improve security, the various components of the FPGA are isolated to protect the data transmitted between the FPGA and other components of the FPGA and computer system.

For example, data written to the memory by the FPGA is encrypted and decrypted in the FPGA when read back from memory. On FPGAs and such as CPU or GPU Data transmitted between other components (either directly or via memory) can be similar to a cryptographic key known to the communication component (whether using a shared secret key or a public/private key pair). Ground encryption. The transmitted material can also be digitally signed by an FPGA or other component to provide authentication. The code used to program the FPGA can be encrypted and signed by the author, loaded into the FPGA in an encrypted state, and then decrypted and authenticated by the FPGA itself before the FPGA is programmed with the code.

In the following description, reference is made to the accompanying drawings, in which It is understood that other embodiments may be utilized and structural changes may be made without departing from the scope of the invention.

100‧‧‧ computing device

102‧‧‧Processing unit

104‧‧‧ memory

106‧‧‧dotted line

108‧‧‧Removable storage

110‧‧‧ Non-removable storage

112‧‧‧Communication connection

114‧‧‧Input device

116‧‧‧Output device

120‧‧‧FPGA unit

200‧‧‧ functional unit

202‧‧‧Functional unit

204‧‧‧Functional unit

206‧‧‧Functional unit

300‧‧‧Application

302‧‧‧Software Library

304‧‧‧FPGA hardware library

306‧‧‧Operating system

308‧‧‧CPU

310‧‧‧FPGA Resources

400‧‧‧ functional unit

402‧‧‧Functional unit

404‧‧‧Functional unit

500‧‧‧ computer system

502‧‧‧Field programmable gate array

504‧‧‧ memory

506‧‧‧Central Processing Unit

508‧‧‧Graphic Processing Unit

510‧‧‧High speed computer bus

600‧‧‧FPGA

602‧‧‧Input/Output Memory

604‧‧‧Encrypted data

605‧‧‧ decryption module

606‧‧‧Encrypted Keys

608‧‧‧ decryption module

610‧‧‧decrypted key

612‧‧ ‧ register

614‧‧‧Declassified information

616‧‧‧ memory

620‧‧‧Information

622‧‧‧Encryption Module

626‧‧‧Encryption Module

630‧‧‧Programmable components

632‧‧‧Control circuit

700‧‧‧Receiving steps

702‧‧‧Decryption steps

704‧‧‧ Receiving steps

706‧‧‧Decryption steps

708‧‧‧Storage steps

710‧‧‧Design steps

1 is a block diagram of an example computing system with FPGA resources that can be implemented for its operating system.

2 is a schematic diagram of an illustrative example of an FPGA functional unit.

3 is a schematic diagram of an example architecture of an application using hardware and software libraries on a computer system with FPGA resources.

4 is a diagram illustrating the use of an FPGA over time.

5 is a block diagram of a computing system having a field programmable gate array that supports isolation elements.

Figure 6 is a more detailed block diagram of a field programmable gate array.

Figure 7 is a flow chart depicting the secure programming of an FPGA.

The following sections provide a brief, general view of the sample computing environment. It is described that an operating system for managing the use of FPGA resources can be implemented in the example computing environment. The system can be implemented with a variety of general purpose or special purpose computing devices. Examples of suitable well-known computing devices include, but are not limited to, personal computers, server computers, palm-sized or laptop devices (eg, media players, notebook computers, cellular phones, personal data assistants, voice recorders), Multiprocessor systems, microprocessor-based systems, set-top boxes, game consoles, programmable consumer electronics, network PCs, minicomputers, large computers, distributed computing environments including any of the above systems or devices and many more.

FIG. 1 merely illustrates an example computing environment and is not intended to suggest any limitation as to the scope of use or functionality of a suitable computing environment.

Referring to FIG. 1, an example computing environment includes computing device 100. In one basic configuration, computing device 100 includes at least one processing unit 102 (such as a typical central processing unit (CPU) of a general purpose computer) and memory 104.

The computing device can include a plurality of processing units and/or additional coordination processing units, such as a graphics processing unit (GPU). The computing device also includes one or more field programmable gate arrays (FPGAs) that are represented as FPGA units 120 that can be used to share processing resources (shared between programs executing on a computer). The FPGA can be located in its own CPU jack or on a separate card that is inserted into an expansion slot, such as a Fast Peripheral Component Interconnect (PCI-E) slot. By providing such an FPGA unit, a variety of functions well suited for implementation of the gate array can be realized with the benefit of hardware acceleration.

Depending on the configuration of the processing unit and the FPGA unit, each functional unit within the unit or unit has an associated input/output channel for communicating with the main operating system program. For example, can provide dedicated to the functional unit and A memory area shared between it and a program that uses the functional unit. A request queue and a response queue can also be used to enable asynchronous calls that implement operations within the FPGA unit. In addition, the state of the function unit in the FPGA unit can be saved to and restored from the memory area for the function unit and the program. Alternatively, other techniques can be used to ensure that the functional unit is in a known state before being used by its program.

Depending on the configuration and type of computing device, memory 104 may be volatile (such as RAM), non-volatile (such as ROM, flash memory, etc.) or some combination of the two. This configuration of processing unit, coordination processor, and memory is illustrated in FIG. 1 by dashed line 106.

Computing device 100 may also have additional resources and devices. For example, computing device 100 may also include additional storage (removable and/or non-removable) including, but not limited to, a magnetic disk, a optical disk, or a magnetic tape. Such additional storage is illustrated in FIG. 1 by removable storage 108 and non-removable storage 110. Computer storage media includes volatile and non-volatile, removable and non-removable media implemented by any method or technology for storage of information such as computer program instructions, data files, data structures, program modules or other materials. The memory 104, the removable storage 108, and the non-removable storage 110 are all examples of computer storage media. Computer storage media includes, but is not limited to, RAM, ROM, EEPROM, flash memory or other memory technology, CD-ROM, digital versatile disc (DVD) or other optical storage, tape cartridge, magnetic tape, disk storage or Other magnetic storage devices, or any other medium that can be used to store the desired information and be accessible by computing device 100. Any such computer storage media may be part of computing device 100.

Computing device 100 can also include a communication connection 112 that allows the device to communicate with other devices via a communication medium. The implementation of communication connection 112 is dependent on the type of communication medium being accessed by the computing device, as is the case that the implementation of communication connection 112 provides an interface to such media to allow transmission and/or reception of data via the communication medium. . Communication media typically carries computer program instructions, data files, data structures, program modules or other materials in modulated data signals such as carrier waves or other transmission mechanisms, and includes any information delivery media. The term "modulated data signal" means a signal in which one or more of its characteristics are set or changed in such a manner as to encode information in the signal. By way of example and not limitation, communication media includes wired media such as a wired network or direct connection, and wireless media such as acoustic, RF, infrared, and other wireless media.

Computing device 100 can have various input devices 114 such as a keyboard, mouse, pen, camera, touch input device, and the like. Output devices 116 such as a display, a speaker, a printer, etc., may also be included. All such devices are well known in the art and need not be discussed in detail herein.

The application executing on the computing device is implemented using computer executable instructions, such as program modules, processed by the computing device and/or interpreted by the computer. In general, a program module includes routines, programs, objects, components, data structures, and the like that, when processed by a processing unit, instruct a processing unit to perform a particular task or implement a particular abstract data type. In a decentralized computing environment, such tasks can be performed by remote processing devices that are coupled via a communications network. In a distributed computing environment, the program module can be located in the local and remote computer storage media including the memory storage device.

Access to various resources of the computing device by the operating system manager executing on the computing device. Typically, executing an application on a computer system results in one or more programs being created, each of which is assigned to a different resource over time. If resources are shared between programs, and if the program cannot share resources concurrently, the operating system schedules access to the resources over time. One such resource is the FPGA unit 120 of Figure 1, which may include one or more individual FPGAs.

Referring to Figure 2, one of the resources within the FPGA unit is one or more sets of programmable gates, referred to herein as functional units. Each functional unit is defined by a set of other resources in the gate and/or gate array. In general, the functional units are non-overlapping, that is, the programmable elements in the gate array are not shared. For example, as schematically illustrated in FIG. 2, functional units 200, 202, 204, and 206 are non-overlapping. Most FPGAs have only one functional unit. However, FPGA unit 120 in FIG. 1 may have one or more FPGAs. In the case of multiple FPGAs, each FPGA can be considered a functional unit. Referring to FIG. 3, each functional unit is a resource that can be assigned to one or more programs, programmed by the operating system using a hardware library that implements an operation, and then assigned to the program for performing the operation. . Referring to FIG. 3, as an example, application 300 can perform various operations using conventional software library 302 and FPGA hardware library 304. If the application relies on the hardware library 304, the operating system 306 uses the hardware library to program the FPGA resources 310 to allow the application 300 to use the library. The FPGA can be programmed before the application begins execution. If the FPGA can be reprogrammed fast enough, the library can be loaded into the FPGA within the scheduling quantum of the operating system. Operating system 306 also executes software commands from application 300 and software library 302 on CPU 308. When the application makes a call to the function performed by the software library When called, the operating system performs functions from the software library on the CPU 308. When an application makes a call to a function performed by the FPGA, the operating system ensures that the FPGA is programmed with a hardware library and uses the FPGA to perform functions.

To illustrate how different functional units can be used over time, reference is now made to FIG. In Figure 4, at time T1, functional units 400 and 402 are used. At time T2, functional units 400 and 404 are used. At time T3, functional units 400 and 402 are used again. At time T1, functional unit 400 can be assigned to program P1, and functional unit 402 can be assigned to program P2. At time T2, program P2 may be inactive, while program P1 can use functional unit 400 and program P3 can use functional unit 404. At time T3, another program (such as program P4) can begin to use functional unit 400; and program P2 can be active again to use functional unit 402. With current FPGA implementations, the use of multiple functional units by different programs at the same time implies the use of multiple FPGAs. Insofar as the FPGA can support multiple functional units that are used by different programs at the same time, the functional units can be on the same FPGA. In fact, the operating system is statistically multiplexed in time and space.

In order to allow such use of FPGA resources by different programs over time, the operating system has a scheduler that determines which program can access the FPGA resources in each scheduling quantum (ie, time period) and When the FPGA functional unit is programmed with a hardware library, the functional unit can be used by the program. Thus, the implementation of the scheduler for the FPGA unit depends in part on the nature of the FPGA unit and the one or more FPGAs it includes. The FPGA-related factors to consider include, but are not limited to, the following. For example, in some cases, if a functional unit cannot be programmed independently of other functional units, then The entire FPGA is refreshed to program the functional unit. Another consideration is whether the speed at which the functional unit can be programmed and the programming of the functional unit prevent other functional units from being used during the programming phase. Another factor to consider is whether the program can share the hardware library by sharing functional units. The scheduler also considers factors such as the number of concurrent programs, application performance guarantees, application prioritization, program context switching costs, access to memory and busses, and the availability of functional units in the FPGA unit. The availability of the software library in the case.

There may be other situations where the FPGA unit provides a common facility to the application or operating system, and the FPGA unit is therefore scheduled for the length of the application generation entity. For example, a custom network protocol or offload can be provided as an acceleration service on an FPGA unit. In contrast, system calls or standard library calls typically performed in a general purpose CPU can be accelerated using an FPGA. In addition, the operating system can multiplex CPUs based on preferences of program prioritization. In another case, the operating system can use the application's profile (statistically or dynamically generated) to predict the function that is best suited for execution on the FPGA unit and then preload the function so that the function is available for scheduling . By using the profile as a guide, the operating system ensures that both space and time are available on the FPGA unit to speed up the application. Ultimately, the operating system can use simple hints from the application to know when to schedule time on the FPGA unit. For example, some calls to the operating system (system calls) can indicate long delays (calls to disk or network) that provide the FPGA unit to idle for a certain amount of time for other threads or programs to use. Tips. Therefore, the operating system uses various hints and preferences to establish a schedule for multiplex access to the FPGA unit. Because the operating system controls the scheduler, The operating system has detailed knowledge about ongoing and upcoming work, available hardware libraries, and the time spent in programming the FPGA. Therefore, the operating system can use this knowledge to determine which programs utilize the FPGA during execution.

A general overview of such a computer architecture has now been described, and an example implementation will now be described.

Referring to Figure 5, a general architecture of a computer system 500 using a field programmable gate array 502 having isolation elements is illustrated. In this example, the FPGA is coupled to memory 504, central processing unit 506, and graphics processing unit 508. Such connections are provided via conventional high speed computer bus 510, such as a CPU jack with a super-transmission bus, PCI, PCI-E, or PCI-X bus.

The field programmable gate array can include one or more registers including a cryptographic key (such as a symmetric key or a public/private key pair). The one or more registers also include the ability to use their keys to perform corresponding cryptographic operations. The cryptographic component can be part of the programming of the FPGA's programmable components. These components can be implemented with countermeasures to increase the difficulty of direct analysis of the wafer, such as the use of Trusted Platform Module (TPM) components.

In one implementation, the cryptographic key can be stored in the TPM component, where the FPGA can only load such a key from the TPM component when the key is used. If the TPM can access the public key of the public/private pair held by the FPGA, the TPM can use the public key of the FPGA to encrypt the key held by the TPM to the FPGA. Thus, the key itself is only decrypted after being transferred from the TPM to the FPGA. This configuration allows the encrypted key to be transmitted via an insecure bus, such as a standard PC high speed interconnect.

A logical channel is established between the FPGA 502 and the main memory 505 by encrypting all data with a symmetric key before all data leaves the FPGA, and storing the encrypted data in the main memory. Subsequently, when the encrypted material is read back from the main memory back into the FPGA, the encrypted data is decrypted using the symmetric key within the FPGA. In one implementation, encryption of the data may also include integrity protection. For example, an authenticated cryptographic mode of operation for symmetric ciphers can be used. As another example, the material can be hashed and the hash value can be appended to the material, and then the data with the additional hash value can be encrypted before being written to the main memory.

A logical channel is established between the FPGA 502 and a graphics processing unit (GPU) 508 or other component, such as a CPU or peripheral device, via mutual authentication and key transfer protocols. In this case, the FPGA authenticates itself to the component (eg, GPU) using the public/private key pair, and the component uses the second public/private key pair (where the private key is known only to the GPU) ) to complete the move. As part of the mutual authentication process, the FPGA and GPU establish one or more shared secrets (eg, two shared secrets, one for integrity protection and one for confidentiality). These shared secrets are then used as part of the secure communication period between the FPGA and the GPU to encrypt and authenticate subsequent communications between the two components.

Referring now to Figure 6, a more detailed view of a field programmable gate array providing isolation elements is now illustrated.

FPGA 600 includes input/output memory 602, encrypted data 604 and the encrypted key 606 are transmitted via the memory.

When encrypted material 604 is received from other devices, the encrypted data is decrypted by decryption module 605 (which may implement, for example, a symmetric key cryptographic operation). In some cases, the encrypted key 606 (which may be used by the decryption module 605) is received and decrypted by a decryption module 608 (which may implement, for example, a public key/private key cryptographic operation). The decrypted key 610 can be stored in the scratchpad 612. In other cases, the decrypted material 614 can be stored in the memory 616.

When transmitted to other devices, material 620 (such as from memory 616) is encrypted by encryption module 622 (which may implement, for example, symmetric key cryptographic operations) to provide encrypted material 604. The encryption module 622 can use the key 610 stored in the register 612. In some cases, encryption module 626 (which may implement, for example, a public key/private key cryptographic operation) may encrypt key 610 used by encryption module 622 for transmission as encrypted key 606. Encrypted material 604 and key 606 may be stored in memory 602 prior to transmission to another component within the computer system, such as a memory, GPU, CPU, peripheral card, or other device.

Memory 616 is generally accessible by programmable component 630 of the FPGA for both reading and writing of data. It is possible to have some registers that can only be read by the programmable component but cannot be modified.

The data received in the memory 616 can also be the programming code for programming the functional units of the FPGA unit. Control circuit 632 reads the programming code from memory 616 and programs programmable component 630. This structure allows for encryption as will be described in more detail below. The signed code is safely downloaded to the FPGA where the code is authenticated and decrypted and then used to program the FPGA.

In some implementations, the programmable components of the FPGA can be used to implement various cryptographic operations in the decryption module and the cryptographic module.

Given this configuration, the FPGA can securely transfer data between itself and other components within the computer system because the data is encrypted on all accessible busses.

For example, to transfer data to other components, the FPGA encrypts the data within the FPGA. The encrypted data is then transferred to the main memory or directly to the component.

If the component is the FPGA itself, the encrypted data is read back from the main memory back to the FPGA, and the encrypted data is decrypted using the internal key and cryptographic operations of the FPGA. In this example, the FPGA uses the main memory as an additional memory.

The FPGA can use the main memory to transfer data to other components. In this example, other components read the encrypted material from memory and decrypt the data. Thus, the CPU, GPU or other components also include encryption/decryption modules similar to those used in FPGAs.

Similarly, other components can transfer data directly to the FPGA or to the FPGA via memory. Other components encrypt the data and transfer the data to a memory or FPGA. The FPGA then reads the data from the memory or receives the data and then decrypts the data.

If the decryption uses a shared secret, the secret may also be transmitted directly from the FPGA to the component or via memory to the component (or may have been This component is transferred to the FPGA). The transmission of the shared secret can be performed using public key/private key encryption to protect the secret. Specifically, to provide mutual authentication, the FPGA authenticates itself to the component (eg, GPU) using a public/private key pair, and the component uses a second public key with a private key known only to the GPU/ The private key pair completes the move.

As part of the mutual authentication process, the FPGA and GPU establish one or more shared secrets (eg, two shared secrets, one for integrity protection and one for confidentiality). These shared secrets are then used as part of the secure communication period between the FPGA and the GPU to encrypt and authenticate subsequent communications between the two components.

As another example, illustrated in Figure 7, a procedure for securely programming an FPGA is now described.

In general, securely programming an FPGA involves receiving encrypted programming logic into memory. The encrypted program logic is decrypted in the field programmable gate array and decrypted into the memory in the FPGA. The decrypted program logic is then used to program the programmable components of the field programmable gate array.

As illustrated in Figure 7, since the program logic is intended to implement cryptographic operations, it is desirable to ensure that the encrypted program logic is authenticated. For example, the encrypted program logic can be encrypted using an authentication encryption protocol, or the encrypted program logic can include a digital signature for unencrypted program logic. In one implementation, the encrypted program logic can be encrypted using a symmetric key that is encrypted with the public key of the FPGA and also digitally signed by the trusted source in a manner that the FPGA can cryptographically verify.

The FPGA receives 700 encrypted symmetric keys. The FPGA decrypts 702 the symmetric key using its own private key and authenticates the symmetric key using the public key of the trusted source. The FPGA then receives 704 the encrypted program logic. The FPGA decrypts 706 the encrypted program logic using the decrypted symmetric key and temporarily stores the decrypted program logic 708 in memory in the FPGA where the encrypted program logic is used by the control logic Programming 710 FPGA's programmable components.

The terms "article", "program", "machine" and "substance composition" in the subject matter of the appended claims are intended to limit the claim to the definition of the use of such terms that are considered to fall within the patent law. Within the scope of the patent protection.

Any or all of the alternative embodiments described herein mentioned above may be used in any combination required to form additional hybrid embodiments. It should be understood that the subject matter defined in the appended claims is not necessarily limited to the specific implementations described above. The specific implementations above are disclosed as examples only.

600‧‧‧FPGA

602‧‧‧Input/Output Memory

604‧‧‧Encrypted data

605‧‧‧ decryption module

606‧‧‧Encrypted Keys

608‧‧‧ decryption module

610‧‧‧decrypted key

612‧‧ ‧ register

614‧‧‧Declassified information

616‧‧‧ memory

620‧‧‧Information

622‧‧‧Encryption Module

626‧‧‧Encryption Module

630‧‧‧Programmable components

632‧‧‧Control circuit

Claims (19)

A field programmable gate array (FPGA) comprising: a plurality of programmable components; and isolated FPGA components that allow for security of the field programmable gate array and other components in a computer system Communication, the isolated FPGA component includes a first memory and a second memory, the first memory is allowed to receive encrypted data from outside the FPGA, and the second memory is external to the FPGA during operation The components are isolated and the second memory is allowed to store data decrypted within the FPGA. The field programmable gate array as recited in claim 1, wherein the isolated FPGA components include a mutual authentication and encryption key module that allows for transfer between the FPGA and other components of the computer system. Data is encrypted and certified. The on-site programmable gate array as claimed in claim 2, wherein the mutual authentication and encryption key module includes a program loading portion, the program loading portion includes: the first memory, the first memory is Allowing to receive input data comprising encrypted program logic and at least one encrypted key; a first decryption module having an input to receive the encrypted key, corresponding to the a public key of a sender of the encrypted key and a private key associated with the FPGA, and having an output providing a decrypted key; a second decryption module having an input to receive the decrypted key from the first decryption module and the encrypted program logic from the memory, and having a decrypted An output of the program logic; the second memory, the second memory is allowed to receive and store the decrypted program logic; and a control circuitry for using the second memory The decrypted program logic is used to program the programmable components of the FPGA. The on-site programmable gate array as recited in claim 1, wherein the isolated FPGA component comprises: a memory access channel comprising: an encryption module having an input to receive the input from the FPGA And processing data of the processing component and providing the encrypted data to an output of a memory; and a decryption module having an input for receiving data from the memory and providing the decrypted data to the FPGA The output of these processing elements. The on-site programmable gate array as recited in claim 1, wherein the isolated FPGA component comprises: a communication channel access module, comprising: an encryption module having an input to receive from the FPGA Information on the processing elements and the information to be encrypted An output of a communication channel; and a decryption module having an input for receiving data from the communication channel and providing the decrypted material to an output of the processing elements within the FPGA. The on-site programmable gate array as recited in claim 1, wherein the isolated FPGA components include isolated scratchpads, the isolated scratchpads comprising: an encryption module having an input to receive Information from the processing elements of the FPGA and the output of the encrypted data to a register in the FPGA; and an input module having a means for receiving pairs from the register a request input of data, and an output of the encrypted data from the register; a decryption module having an input to receive data from the register and to provide the decrypted material to The output of the processing elements within the FPGA. A method for programming a field programmable gate array (FPGA), the method comprising the steps of: receiving encrypted program logic into a first memory within the FPGA; utilizing a decryption within the FPGA Module decrypting the encrypted program logic into a second memory in the FPGA, the second memory being isolated from components external to the FPGA during operation within the FPGA; and The FPGA is designed using the decrypted program logic. The method as recited in claim 7, further comprising the steps of: receiving an encrypted key for the encrypted program logic into the first memory; decrypting the encrypted key in the FPGA; The decrypted key is stored in an isolated memory within the FPGA; and the decrypted key is used when the encryption program is logically decrypted. The method of claim 8, wherein the encrypted key is encrypted using a public key of the FPGA and a private key of a provider of the encrypted program logic. The method of claim 9, wherein the encrypted program logic is encrypted using a symmetric key. A program in a computer system comprising the steps of: establishing a mutual authentication and encrypted secret channel between a field programmable gate array (FPGA) and a computer component, wherein the unencrypted material is stored in In an isolated memory in the FPGA, the isolated memory is isolated from components external to the FPGA during operation and the computer component cannot access the isolated memory; and the data is secured via the mutual authentication and encrypted secret channel. Send Go to the computer component. The program as recited in claim 11, wherein the FPGA comprises a second memory, and the step of securely transmitting the data comprises the step of: encrypting the data stored in the isolated memory and encrypting the data The data is stored in the second memory; and the computer component reads the encrypted material from the second memory and decrypts the data in the computer component. The program as recited in claim 12, wherein the computer component is a program central processing unit. The program as recited in claim 12, wherein the computer component is a program trusted platform module component. The program as recited in claim 12, wherein the computer component is a program storage device. The program as recited in claim 12, wherein the computer component is another computing device having its own FPGA. The program as recited in claim 11, wherein the step of securely transmitting the data comprises the steps of: the FPGA using a public key of the computer component and a private one of the FPGA The key encrypts the data and sends the encrypted data to the computer component; and the computer component receives and decrypts the public key in the computer component using a public key of the FPGA and a private key of the computer component data. The program as recited in claim 17, wherein the encrypted material includes at least one shared secret. The program as recited in claim 18, further comprising the step of securely transmitting the additional material between the FPGA and the computer component by encrypting and decrypting the additional material using the at least one shared secret.